North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IRC Bot list (cross posting)

  • From: william(at)
  • Date: Tue Feb 08 23:51:12 2005

On Tue, 8 Feb 2005, Bill Nash wrote:
> You don't mass an army if you're not about to use it. 

3000 is no longer that large, maybe a brigade but not an "army"...

> This situation can  (very quickly) have operational relevance. 

If every botnet investigation is brought up at nanog, the list itself will 
loose relevence.

> Bringing  it to light to a wider  forum than special interest groups is 
> a good idea.

Appropriate people already saw the list and will take care. There are also
special tools available that will take list of ip addresses and notify 
appropriate networks, doing it manually and then letting all list know 
(epsecially nanog which has not only whitehats but number of blackhats)
is in itself a security issue as has already been pointed out.

William Leibzon
Elan Networks
[email protected]